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-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address » 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days v^ll be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )S Responsive to Gommunication(s) filed on 24 March 2004 , 
2a)n This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal nnatters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-3, 5-19. 33 and 35-43 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) ^ Claim(s) 1-3, 5-19. 33 and 35-43 is/are rejected. 

Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) 0 The dravving(s) filed on is/are: 3)0 accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

1 2) ^ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)|El All b)n Some * c)^ None of: 

1 Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



Response to Amendment 



1 . This action is in response to the amendment filed 03/24/2004, in which claims 1 , 
33 and 38 were amended; claims 4 and 34 were cancelled; and claims 42-43 were 
added. 



2. Applicant's arguments, see page 9, third paragraph, filed 3/24/04, with respect to 
claims 1 , 33 and 38 have been fully considered and are persuasive. The rejections of 
claims 1 , 33 and 38 under 35 USC 112 have been withdrawn. 

Applicant's arguments, see page 11, third paragraph, with respect to the rejection 
of claim 4 under 35 USC 103 have been fully considered and are persuasive. 
Therefore, the rejection has been withdrawn. However, a discovery of new prior art has 
necessitated new grounds of rejection. The delay in citation of the newly discovered 
prior art is regretted. 

3. Applicant's arguments, filed 3/24/04, with respect to the rejection(s) of claims 1 1 , 
13-14, 17-18, 35, 37, 39 and 41 have been fully considered but they are not persuasive. 
In response to applicant's argument that there are no suggestions to combine the 
references, the examiner recognizes that obviousness can only be established by 
combining or modifying the teachings of the prior art to produce the claimed invention 



Response to Arguments 
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where there is some teaching, suggestion, or motivation to do so found either in the 
references themselves or in the knowledge generally available to one of ordinary skill in 
the art. See In re Fine, 837 F.2d 1071. 5 USPQ2d 1596 (Fed. Cir. 1988) and In re 
Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). 

With respect to claims 1 1 , 35 and 39, applicant argues that the Murphy reference 
does not teach the motivation for combining the references. The Murphy reference and 
Digiorgio reference are analogous art because they are from the same field of 
endeavor, which is accessing network resources using smart cards. Murphy teaches 
using a database to store and retrieve authentication information and provides the 
motivation for doing so (col. 6, lines 39-41). 

With respect to claims 18, 37 and 41 , Murphy teaches that a remote 
administrator being separated into a plurality of modules and various implementations of 
a module (col. 5, lines 39-49). In this case, flexible implementation of the remote 
administrator serves as the motivation. 

With respect to claims 13-14, applicant points out that the reference does not 
include several elements cited in the claim. The examiner notices that the limitation of 
the claim is "at least one of the following" (2"^ line of the claim). Applicant argues that 
there is no motivation for combining the references. Within the same field of endeavor, 
Muftic discloses a method of obtaining access to computer or network resources using 
a smart card (col. 5, lines 22-24). Muftic teaches the step of performing an 
administration operation by transmitting a certificate and credentials, which is part of an 
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authentication protocol for controlling access to protected resources, and it serves as 
motivation. 

With respect to claim 17, in response to applicant's argument that there is no 
recitation of a message being sent to an end user and there is no suggestion to 
combine the references. The Pare reference is analogous art because it is from similar 
problem solving area, which is performing authentication and authorization over a 
network. Pare discloses a status of success or failure being returned by the other 
computer system (col. 6, lines 45-47), which is a message being sent to an end user. 
The step of providing results of operations to end user itself serves as motivation 

Claim Objections 

4. Claims 7-8 are objected to because they depend on a cancelled claim, claim 4. It 
is assumed that claim 7 depends on claim 1 and claim 8 depends on claim 7; the claims 
are examined based on this assumption. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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6. Claims 1-3. 5-10, 12. 15-16. 19. 33. 36, 38. 40 and 42-43 are rejected under 35 
U.S.C. 103(a) as being unpatentable over DiGiorgio et al. (6.385,729) in view of 
Tolopka et al. (6,044,349) and Aboba et al. (RFC 2194. Review of Roaming 
Implementations). 

a. Regarding claims 1 , which is representative of claims 33 and 38, DiGiorgio 
discloses a method for remote administration of a smart card via communication 
network comprising the steps of: 

associating a smart card with a remote administrator by storing administrator 
identification of the remote administrator in the smart card (col. 10, lines 58-60); 

inserting a smart card in a user unit,(col. 9, lines 49-50); 

establishing communication between the smart card and a remote administrator 
via a communication network (col. 10, lines 25-26). 

DiGiorgio does not disclose the step of employing the administrator identification 
information stored in the smart card to identify and establish communication with the 
remote administrator. Tolopka discloses the step of employing the administrator 
identification information stored in the smart card to identify and establish 
communication with the remote administrator (col. 5, lines 9-1 1 ; col. 6. lines 21-24). It 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made to modify the method of DiGiorgio such that identification information of a remote 
administrator is used to identify and establish communication with the remote 
administrator, as taught by Tolopka. That way the user unit can be dynamically 
configured to establish communication with different remote administrators. 
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DiGiorgio does not disclose that the establishing step connprises identifying a 
local administrator and determining the local administrator as a proxy administrator for 
administrating the smart card by transmitting at least authorization information form the 
remote administrator to the local administrator. Aboba teaches the use of local 
administrators and the steps of identifying a local administrator and determining the 
local administrator as a proxy administrator by transmitting at least authorization 
information form a remote administrator to the local administrator (see Section 4,6 
Authentication, "After the initial PPP authentication ... and the user will be dropped by 
the NAS."). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the method of DiGiorgio to use local administrators and 
the establishing step comprising identifying a local administrator and determining the 
local administrator as a proxy administrator by transmitting at least authorization 
information from the remote administrator to the local administrator, as taught by Aboba, 
in order to provide roaming capability (see Abstract). 

b. Regarding claim 2, DiGiorgio further discloses that communication with the 
remote administrator is performed by the user unit (col. 5, lines 50-51 ; col. 10, lines 25- 
26). 

c. Regarding claim 3, DiGiorgio further discloses communication with the remote 
administrator employing the Internet Protocol (col. 5, lines 52-53). 

d. Regarding claim 5, DiGiorgio further discloses the step of administrating the 
smart card after communication with the remote administrator is established (col. 10, 
lines 29-30). 
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e. Regarding claim 6, DIGiorgio further discloses the step of administrating the 
smart card immediately after communication with the remote administrator is 
established (col. 10, lines 29-30). 

f. Regarding claim 7, DIGiorgio and Tolopka disclose the step of administrating the 
smart card after communication with the remote administrator is established (col. 10, 
lines 29-30). DiGiorgio and Tolopka do not teach the use of a proxy administrator. 
Aboba teaches the use of a proxy administrator (see Section 4.6 Authentication, "If the 
authentication request comes from ... and the user will be dropped by the NAS."). 
Please refer to motivation recited for using a proxy administrator as taught by Aboba in 
claim 1. 

g. Regarding claim 8, DiGiorgio and Tolopka disclose the step of administrating the 
smart card immediately after communication with the remote administrator is 
established (col. 10, lines 29-30). DiGiorgio and Tolopka do not teach the use of a 
proxy administrator. Aboba teaches the use of a proxy administrator (see Section 4.6 
Authentication, "If the authentication request comes from ... and the user will be 
dropped by the NAS."). Please refer to motivation recited for using a proxy 
administrator as taught by Aboba in claim 1. 

h. Regarding claim 9, DiGiorgio further discloses the step of performing an 
administration initialization procedure to authenticate the smart card (col. 10, lines 30- 
47). 
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i. Regarding claim 10. DiGiorgio further discloses the step of preventing 
performance of any operation other than the administration initialization procedure until 
the procedure is verified to be in order (col. 10. lines 47-50). 

j. Regarding claims 12 and 40, DiGiorgio further discloses the step of accessing a 
protected information resource (col. 10. lines 47-48). 

k. Regarding claims 15 and 16. DiGiorgio further discloses the step of performing 
security mechanisms, bilateral authentication, for accessing the protected information 
resource by the smart card (col. 10, lines 28-48). 

I. Regarding claim 19, DiGiorgio further discloses that the communication network 
comprises a MAN or a WAN (col. 5, lines 53-55). 

m. Regarding claim 36, DiGiorgio further discloses protected information resource 
accessible by the smart card via the remote administrator (col. 10, lines 24-25). 
n. Regarding claim 42. DiGiorgio further discloses that the administration 
initialization procedure comprises a two-way challenge-response authentication using 
information related to a shared secret (col. 10, lines 28-36). 

0. Regarding claim 43, DiGiorgio further discloses that the bilateral authentication 
comprises a two-way challenge-response authentication using information related to a 
shared secret (col. 10. lines 28-36). 

7. Claims 11. 18. 35, 37, 39 and 41 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over DiGiorgio in view of Tolopka and Aboba as applied to claims 1. 33 
and 38 above, and further in view of Murphy et al. (6.266,744). 
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a. Regarding claims 1 1 , 35 and 39, DIGiorgio, Tolopka and Aboba do not disclose a 
smart card database at the remote administrator and the step of identifying the smart 
card in the smart card database. Murphy discloses a smart card database at the 
remote administrator and the step of identifying the smart card in the smart card 
database (col. 6, lines 33-41). It would have been obvious to one of ordinary skill in the 
art at the time the invention was made to modify the system of DiGiorgio, Tolopka and 
Aboba to include a smart card database at the remote administrator and the step of 
identifying the smart card in a smart card database, as taught by Murphy, so that the 
authentication profiles can be indexed and maintained using well-known database 
techniques. 

b. Regarding claims 18, 37 and 41, DiGiorgio, Tolopka and Aboba do not disclose 
that the remote administrator comprises a plurality of administrators. Murphy discloses 
that a remote administrator can comprise a plurality of administrators (col. 5, lines 39- 
49). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the method of DiGiorgio, Tolopka and Aboba such that 
the remote administrator comprises a plurality of administrator, as taught by Murphy, to 
have a flexible implementation of the remote administrator. 

8. Claims 13-14 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
DiGiorgio in view of Tolopka and Aboba as applied to claim 12 above, and further in 
view of Muftic (5,943,423). DiGiorgio, Tolopka and Aboba do not disclose the step of 
performing an administration operation. Muftic discloses the step of performing an 
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administration operation by transmitting a certificate and credentials (col. 5, lines 33-38). 
It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to modify the method of DiGiorgio and Tolopka to include the step of 
performing an administration operation by transmitting a certificate and credentials, as 
taught by Muftic, in order for the remote administrator to be able to control access to the 
protected resources. 

9. Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
DiGiorgio in view of Tolopka and Aboba as applied to claim 12 above, and further in 
view of Pare, Jr. et al. (5,838,812). DiGiorgio, Tolopka and Aboba disclose that each 
operation performed during the accessing step by the smart card is performed only at 
the end of an administration procedure (col. 10, lines 47-50). DiGiorgio, Tolopka and 
Aboba do not teach the use of an "END ADMINISTRATION OPERATION" message at 
the end of a two-way authentication. Pare, Jr.- teaches the use of message presented at 
the end of each operation, which has the same function as the "END 
ADMINISTRATION OPERATION" message (col. 6, lines 48-51 ). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to modify 
the method of DiGiorgio and Tolopka to present a message at the end of an 
administration procedure, as taught by Pare, Jr., so that users can be informed of the 
result of the operation. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dinh whose telephone number is 703-306-5617. 
The examiner can normally be reached on Mon - Fri: 9:00 am - 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 703-305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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Minh Dinh 
Examiner 
Art Unit 2132 
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SUPERVISORY PATENT EXAMINER 
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